Tag: authorization


Found 263 results for 'authorization'.


1) web-application - Protecting from console attacks
2) services - Trying to run "service nginx restart" from a non root user
3) encryption - How to protect an application from attackers with full read-access to the db?
4) certificates - Client identification using client certificates
5) web-application - Web-Application with CORS Origin: * using authorization header
6) authentication - Is it advisable to tie different capabilities to different session tokens?
7) encryption - Create Public Key using OpenSSL instead of PuTTYgen for PKCS#8
8) passwords - How secure is NOPASSWD in passwordless sudo mode?
9) oauth - How do high-performance web applications control permission to their content?
10) csrf - OAuth2 Cross Site Request Forgery, and state parameter
11) web-application - Will "Authorization: Bearer" in request header fix CSRF attacks?
12) encryption - Look over my Web API Authentication Scheme
13) web-application - User can't navigate to webpage through the UI due to permissions, but are able to navigate to page by pasting the URL. How do I protect against this?
14) authentication - If I misuse OAuth 2.0 to do authentication, am I at risk?
15) encryption - Securing mobile app rest requests
16) authentication - 3rd party API access: Is OAuth really required?
17) authentication - What is the protocol used for authentication/authorization of my internet access using account inside web browser?
18) oauth - Using OAuth SPA app to provide third party with access token
19) tls - Decide to REST API Security
20) http - Returning the wrong HTTP response code on purpose?
21) authorization - XMLHttpRequest with preflighted CORS missing authorization token
22) authentication - Is there an added benefit to authentication within a part of an application, after authenticated into the main application?
23) authentication - Anti session-hijacking mechanism using a session variable
24) authentication - Reasonable security measures for unvalidated "login"
25) csrf - Can oauth2 "state" parameter be used to avoid using session cookies to identify user
26) brute-force - Avoid brute force attacks on oAuth authorization server
27) authentication - Microservice security: How to perform authorization + services also need auth checks individually?
28) authentication - Mobile apps that use OAuth2 to offload authentication to a 3rd party: are they misusing OAuth2?
29) mobile - OAuth2 for mobile apps with confidential backend client (Is PKCE required?)
30) security - Admin password of MariaDb doesn't seem to work
31) authorization - Was the Raspberry Pi-related NASA JPL network breach primarily caused by the failure to keep an updated list of authorized devices?
32) authentication - WCF - Is this a good security Architecture?
33) authentication - Best way to authorize and authenticate a user on web API
34) linux - Is it a good practice to use certificates as a mean of client identification in a cloud environment
35) rest - API pagination with external or centralised authorization
36) rest - REST API Oauth 2 - Which grant type to use?
37) rest - REST API Design: Multiple resources and authorization
38) rest - Appropriate HTTP status code when authorization server is unavailable
39) database-design - How to design role based access control?
40) authorization - Checking validity of users and tenants in each request
41) authentication - Refresh tokens by example using Angular and Spring Boot
42) web-services - OAuth alternative for a 2 party system
43) rest - Prevent abuse to REST API endpoint
44) rest - Authorization and Authentication design for splitting a site into REST API and Web App (AspNetCore MVC)
45) authentication - cookie vs. session vs jwt
46) authentication - Token based authentication and multiple sessions
47) authorization - What identity and/or access data are JWT claims intended for?
48) security - Microservices and authorization
49) microservices - How to handle authentication & authorization inside microservices
50) architecture - Database design for a role based access system?